Archlinux | Most viewed

1854 matches found

ArchLinux
added 2019/11/01 12:0 a.m., 49 views

[ASA-201911-1] chromium: arbitrary code execution

Arch Linux Security Advisory ASA-201911-1 ========================================= Severity: Critical Date : 2019-11-01 CVE-ID : CVE-2019-13720 CVE-2019-13721 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1058 Summary ======= The packag...

CVSS 8.8, AI score 1.7, EPSS 0.72977
Exploits: 4, References: 6

ArchLinux
added 2019/06/17 12:0 a.m., 50 views

[ASA-201906-12] linux-hardened: denial of service

Arch Linux Security Advisory ASA-201906-12 ========================================== Severity: High Date : 2019-06-17 CVE-ID : CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 Package : linux-hardened Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-986 Summary =======...

CVSS 7.8, AI score 0.3, EPSS 0.98745
Exploits: 4, References: 10

ArchLinux
added 2019/01/08 12:0 a.m., 49 views

[ASA-201901-3] elfutils: denial of service

Arch Linux Security Advisory ASA-201901-3 ========================================= Severity: Medium Date : 2019-01-08 CVE-ID : CVE-2018-18310 CVE-2018-18520 CVE-2018-18521 Package : elfutils Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-785 Summary ======= The...

CVSS 6.5, AI score 2.4, EPSS 0.02791
Exploits: 3, References: 10

ArchLinux
added 2017/10/19 12:0 a.m., 49 views

[ASA-201710-27] chromium: multiple issues

Arch Linux Security Advisory ASA-201710-27 ========================================== Severity: Critical Date : 2017-10-19 CVE-ID : CVE-2017-15386 CVE-2017-15387 CVE-2017-15388 CVE-2017-15389 CVE-2017-15390 CVE-2017-15391 CVE-2017-15392 CVE-2017-15393 CVE-2017-15394 CVE-2017-15395 CVE-2017-5124...

CVSS 8.8, AI score 0.2, EPSS 0.05245
Exploits: 6, References: 42

ArchLinux
added 2017/07/26 12:0 a.m., 49 views

[ASA-201707-27] lib32-expat: denial of service

Arch Linux Security Advisory ASA-201707-27 ========================================== Severity: Medium Date : 2017-07-26 CVE-ID : CVE-2016-9063 CVE-2017-9233 Package : lib32-expat Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-305 Summary ======= The package...

CVSS 9.8, AI score 1.4, EPSS 0.08739
Exploits: 1, References: 6

ArchLinux
added 2017/06/23 12:0 a.m., 49 views

[ASA-201706-30] linux-zen: privilege escalation

Arch Linux Security Advisory ASA-201706-30 ========================================== Severity: High Date : 2017-06-23 CVE-ID : CVE-2017-1000364 Package : linux-zen Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-324 Summary ======= The package linux-zen before...

CVSS 7.4, AI score 0.5, EPSS 0.05186
Exploits: 3, References: 4

ArchLinux
added 2017/04/28 12:0 a.m., 49 views

[ASA-201704-9] webkit2gtk: multiple issues

Arch Linux Security Advisory ASA-201704-9 ========================================= Severity: Critical Date : 2017-04-28 CVE-ID : CVE-2016-9642 CVE-2016-9643 CVE-2017-2367 CVE-2017-2376 CVE-2017-2377 CVE-2017-2386 CVE-2017-2392 CVE-2017-2394 CVE-2017-2395 CVE-2017-2396 CVE-2017-2405 CVE-2017-2415...

CVSS 8.8, AI score 4.7, EPSS 0.09283
Exploits: 54, References: 35

ArchLinux
added 2017/03/12 12:0 a.m., 49 views

[ASA-201703-6] linux-lts: privilege escalation

Arch Linux Security Advisory ASA-201703-6 ========================================= Severity: High Date : 2017-03-12 CVE-ID : CVE-2017-2636 Package : linux-lts Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-200 Summary ======= The package linux-lts before versio...

CVSS 7, AI score 0.5, EPSS 0.01029
Exploits: 2, References: 5

ArchLinux
added 2017/02/22 12:0 a.m., 49 views

[ASA-201702-18] linux-zen: multiple issues

Arch Linux Security Advisory ASA-201702-18 ========================================== Severity: High Date : 2017-02-22 CVE-ID : CVE-2016-10088 CVE-2016-9588 CVE-2017-5986 CVE-2017-6074 Package : linux-zen Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-186 Summary...

CVSS 7.8, AI score 1.9, EPSS 0.0596
Exploits: 13, References: 9

ArchLinux
added 2017/01/27 12:0 a.m., 49 views

[ASA-201701-35] linux-lts: privilege escalation

Arch Linux Security Advisory ASA-201701-35 ========================================== Severity: Medium Date : 2017-01-27 CVE-ID : CVE-2017-2583 Package : linux-lts Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-150 Summary ======= The package linux-lts before...

CVSS 8.4, AI score 0.9, EPSS 0.00582
Exploits: 0, References: 4

ArchLinux
added 2016/06/25 12:0 a.m., 49 views

xerces-c: arbitrary code execution

The DTDScanner fails to account for the fact that peeking characters in the XMLReader class can raise an exception if an invalid character is encountered, and the exception crosses stack frames in an unsafe way that causes a higher level exception handler to access an already-freed object...

CVSS 10, AI score 3.8, EPSS 0.06837
Exploits: 0, References: 4

ArchLinux
added 2016/06/25 12:0 a.m., 49 views

libpurple: multiple issues

CVE-2016-2365 denial of service Specially crafted MXIT data sent via the server could potentially result in a null pointer dereference. - CVE-2016-2366 denial of service Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. - CVE-2016-2367 information...

CVSS 6.4, AI score 2.1, EPSS 0.04517
Exploits: 17, References: 17

ArchLinux
added 2016/03/24 12:0 a.m., 49 views

expat: arbitrary code execution

Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0 allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716...

CVSS 7.5, AI score 8.2, EPSS 0.19069
Exploits: 0, References: 2

ArchLinux
added 2016/02/02 12:0 a.m., 49 views

lib32-curl: authentication bypass

A vulnerability was found in a way libcurl uses NTLM-authenticated proxy connections. Libcurl will reuse NTLM-authenticated proxy connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. Since NTLM-based authentication is...

CVSS 5, AI score 2.4, EPSS 0.09327
Exploits: 0, References: 2

ArchLinux
added 2015/09/03 12:0 a.m., 49 views

bind: denial of service

CVE-2015-5722 Parsing malformed keys may cause BIND to exit due to a failed assertion in buffer.c: Parsing a malformed DNSSEC key can cause a validating resolver to exit due to a failed assertion in buffer.c. It is possible for a remote attacker to deliberately trigger this condition, for example...

CVSS 7.8, AI score 4.2, EPSS 0.33652
Exploits: 0, References: 4

ArchLinux
added 2015/08/28 12:0 a.m., 49 views

firefox: multiple issues

CVE-2015-4497 use-after-free when resizing canvas element during restyling: Mozilla community member Jean-Max Reymond discovered a use-after-free vulnerability with a canvas element on a page. This occurs when a resize event is triggered in concert with style changes but the canvas references...

CVSS 10, AI score 0.6, EPSS 0.08007
Exploits: 0, References: 4

ArchLinux
added 2015/06/22 12:0 a.m., 49 views

curl: information leakage

CVE-2015-3236 lingering HTTP credentials in connection re-use: libcurl can wrongly send HTTP credentials when re-using connections. libcurl allows applications to set credentials for the upcoming transfer with HTTP Basic authentication, like with CURLOPT_USERPWD for example. Name and password...

CVSS 6.4, AI score 0.1, EPSS 0.09334
Exploits: 0, References: 4

ArchLinux
added 2015/04/24 12:0 a.m., 49 views

wpa_supplicant: arbitrary code execution

A vulnerability was found in how wpa_supplicant uses SSID information parsed from management frames that create or update P2P peer entries (e.g., Probe Response frame or number of P2P Public Action frames). SSID field has valid length range of 0-32 octets. However, it is transmitted in an element th...

CVSS 5.8, AI score 2.2, EPSS 0.05228
Exploits: 0, References: 3

ArchLinux
added 2015/04/17 12:0 a.m., 49 views

jre7-openjdk-headless: multiple issues

CVE-2005-1080 CVE-2015-0480 directory traversal A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. - CVE-2015-0460...

CVSS 10, AI score 3.4, EPSS 0.07224
Exploits: 1, References: 7

ArchLinux
added 2015/02/03 12:0 a.m., 49 views

privoxy: denial of service

CVE-2015-1380 denial of service Denial of service issue was found in case of client requests with incorrect chunk-encoded body. When compiled with assertions enabled (the default) they could previously cause Privoxy to abort. - CVE-2015-1381 segmentation fault Multiple segmentation faults and...

CVSS 5, AI score 3.8, EPSS 0.03397
Exploits: 0, References: 4

ArchLinux
added 2015/01/23 12:0 a.m., 49 views

jre8-openjdk-headless: multiple issues

CVE-2014-3566 man-in-the-middle Nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. - CVE-2014-6549 arbitrary code execution Incorrect class loader permission check in ClassLoader...

CVSS 10, AI score 6.5, EPSS 0.99999
Exploits: 11, References: 18

ArchLinux
added 2015/01/23 12:0 a.m., 49 views

jre8-openjdk: multiple issues

CVE-2014-3566 man-in-the-middle Nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. - CVE-2014-6549 arbitrary code execution Incorrect class loader permission check in ClassLoader...

CVSS 10, AI score 6.8, EPSS 0.99999
Exploits: 11, References: 20

ArchLinux
added 2015/01/14 12:0 a.m., 49 views

firefox: multiple issues

CVE-2014-8634 arbitrary remote code execution Christian Holler and Patrick McManus reported memory safety problems and crashes that affect Firefox ESR 31.3 and Firefox 34. - CVE-2014-8635 arbitrary remote code execution Christoph Diehl, Christian Holler, Gary Kwong, Jesse Ruderman, Byron Campen,...

CVSS 7.5, AI score 1.2, EPSS 0.65657
Exploits: 4, References: 10

ArchLinux
added 2014/12/09 12:0 a.m., 49 views

unbound: denial of service

The resolver can be tricked into following an endless series of delegations, this consumes a lot of resources. Resolvers fetch the content for domain names by sending queries to authority servers on the internet. One of the responses that authority servers can return is a referral response, which...

CVSS 4.3, AI score 2.9, EPSS 0.25205
Exploits: 0, References: 2

ArchLinux
added 2014/11/12 12:0 a.m., 49 views

mantisbt: arbitrary code execution and unrestricted access

CVE-2014-7146 arbitrary code execution When importing data with the plugin, user input passed through the "description" field and the "issuelink" attribute of the uploaded XML file isn't properly sanitized before being used in a call to the preg_replace function which uses the 'e' modifier. This...

CVSS 7.5, AI score 2.6, EPSS 0.51609
Exploits: 8, References: 7

ArchLinux
added 2022/10/14 12:0 a.m., 48 views

[ASA-202210-4] linux-zen: multiple issues

Arch Linux Security Advisory ASA-202210-4 ========================================= Severity: Critical Date : 2022-10-14 CVE-ID : CVE-2022-41674 CVE-2022-42719 CVE-2022-42720 CVE-2022-42721 CVE-2022-42722 Package : linux-zen Type : multiple issues Remote : Yes Link :...

CVSS 8.8, AI score 8.3, EPSS 0.03763
Exploits: 5, References: 19

ArchLinux
added 2022/07/29 12:0 a.m., 48 views

[ASA-202207-1] webkit2gtk-5.0: multiple issues

Arch Linux Security Advisory ASA-202207-1 ========================================= Severity: Critical Date : 2022-07-29 CVE-ID : CVE-2022-32792 CVE-2022-32816 Package : webkit2gtk-5.0 Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2792 Summary ======= The package...

AI score 1.3, EPSS 0.06293
Exploits: 0, References: 6

ArchLinux
added 2022/03/25 12:0 a.m., 48 views

[ASA-202203-1] postgresql: man-in-the-middle

Arch Linux Security Advisory ASA-202203-1 ========================================= Severity: High Date : 2022-03-25 CVE-ID : CVE-2021-23214 Package : postgresql Type : man-in-the-middle Remote : Yes Link : https://security.archlinux.org/AVG-2546 Summary ======= The package postgresql before...

CVSS 5.1, AI score 1, EPSS 0.01901
Exploits: 0, References: 4

ArchLinux
added 2021/12/11 12:0 a.m., 48 views

[ASA-202112-11] grafana: directory traversal

Arch Linux Security Advisory ASA-202112-11 ========================================== Severity: High Date : 2021-12-11 CVE-ID : CVE-2021-43798 CVE-2021-43813 CVE-2021-43815 Package : grafana Type : directory traversal Remote : Yes Link : https://security.archlinux.org/AVG-2609 Summary ======= The...

CVSS 7.5, AI score 0.9, EPSS 0.88849
Exploits: 44, References: 14

ArchLinux
added 2021/12/11 12:0 a.m., 48 views

[ASA-202112-9] thunderbird: multiple issues

Arch Linux Security Advisory ASA-202112-9 ========================================= Severity: High Date : 2021-12-11 CVE-ID : CVE-2021-43528 CVE-2021-43536 CVE-2021-43537 CVE-2021-43538 CVE-2021-43539 CVE-2021-43541 CVE-2021-43542 CVE-2021-43543 CVE-2021-43545 CVE-2021-43546 Package : thunderbird...

CVSS 8.8, AI score 0.8, EPSS 0.0202
Exploits: 0, References: 23

ArchLinux
added 2020/11/10 12:0 a.m., 48 views

[ASA-202011-7] salt: multiple issues

Arch Linux Security Advisory ASA-202011-7 ========================================= Severity: Critical Date : 2020-11-10 CVE-ID : CVE-2020-16846 CVE-2020-17490 CVE-2020-25592 Package : salt Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1262 Summary ======= The...

CVSS 9.8, AI score 1.1, EPSS 0.99585
Exploits: 5, References: 7

ArchLinux
added 2020/06/06 12:0 a.m., 48 views

[ASA-202006-4] thunderbird: multiple issues

Arch Linux Security Advisory ASA-202006-4 ========================================= Severity: High Date : 2020-06-06 CVE-ID : CVE-2020-12398 CVE-2020-12399 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 Package : thunderbird Type : multiple issues Remote : Yes Link :...

CVSS 9.3, AI score 0.4, EPSS 0.01537
Exploits: 1, References: 15

ArchLinux
added 2019/03/02 12:0 a.m., 48 views

[ASA-201903-2] openssl-1.0: information disclosure

Arch Linux Security Advisory ASA-201903-2 ========================================= Severity: Medium Date : 2019-03-02 CVE-ID : CVE-2019-1559 Package : openssl-1.0 Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-917 Summary ======= The package openssl-1.0 befo...

CVSS 5.9, AI score 0.8, EPSS 0.17139
Exploits: 0, References: 3

ArchLinux
added 2018/12/08 12:0 a.m., 48 views

[ASA-201812-5] openssl: private key recovery

Arch Linux Security Advisory ASA-201812-5 ========================================= Severity: Low Date : 2018-12-08 CVE-ID : CVE-2018-0734 CVE-2018-0735 Package : openssl Type : private key recovery Remote : Yes Link : https://security.archlinux.org/AVG-792 Summary ======= The package openssl...

CVSS 5.9, AI score 1.4, EPSS 0.12154
Exploits: 0, References: 8

ArchLinux
added 2018/08/08 12:0 a.m., 48 views

[ASA-201808-5] linux-lts: denial of service

Arch Linux Security Advisory ASA-201808-5 ========================================= Severity: High Date : 2018-08-08 CVE-ID : CVE-2018-5390 Package : linux-lts Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-748 Summary ======= The package linux-lts before version...

CVSS 7.8, AI score 0.2, EPSS 0.7354
Exploits: 0, References: 9

ArchLinux
added 2017/01/27 12:0 a.m., 48 views

[ASA-201701-36] lib32-openssl: multiple issues

Arch Linux Security Advisory ASA-201701-36 ========================================== Severity: Medium Date : 2017-01-27 CVE-ID : CVE-2016-7055 CVE-2017-3731 CVE-2017-3732 Package : lib32-openssl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-155 Summary ======= The...

CVSS 7.5, AI score 7.6, EPSS 0.57595
Exploits: 1, References: 7

ArchLinux
added 2016/09/09 12:0 a.m., 48 views

wordpress: multiple issues

CVE-2016-7168 cross-site scripting A cross-site scripting vulnerability via an image filename, reported by SumOfPwm researcher Cengiz Han Sahin. - CVE-2016-7169 directory traversal A directory traversal vulnerability in the upgrade package uploader, reported by Dominik Schilling from the...

AI score 1.1, EPSS 0.03237
Exploits: 0, References: 5

ArchLinux
added 2016/05/06 12:0 a.m., 48 views

mercurial: arbitrary code execution

Mercurial prior to 3.8 allowed arbitrary code execution when using the convert extension on Git repos with hostile names. This could affect automated code conversion services that allow arbitrary repository names. This is a further side-effect of Git CVE-2015-7545. Reported and fixed by Blake...

CVSS 6.8, AI score 5.5, EPSS 0.20144
Exploits: 0, References: 4

ArchLinux
added 2016/02/28 12:0 a.m., 48 views

lib32-glibc: unbound stack usage

CVE-2014-9761 unbound stack usage The nan, nanf and nanl functions no longer have unbounded stack usage depending on the length of the string passed as an argument to the functions...

CVSS 4.9, AI score 2, EPSS 0.05506
Exploits: 2, References: 2

ArchLinux
added 2016/02/23 12:0 a.m., 48 views

libssh: man-in-the-middle

libssh versions 0.1 and above have a bits/bytes confusion bug and generate an abnormally short ephemeral secret for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. The resulting secret is 128 bits long, instead of the recommended sizes of 1024 and 2048 bits...

CVSS 4.3, AI score 1.1, EPSS 0.02431
Exploits: 0, References: 2

ArchLinux
added 2016/02/06 12:0 a.m., 48 views

libsndfile: multiple issues

CVE-2014-9496 unspecified impact The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read. - CVE-2014-9756 denial of service The psf_fwrite function in file_io.c in...

CVSS 10, AI score 7.4, EPSS 0.134
Exploits: 3, References: 3

ArchLinux
added 2016/01/14 12:0 a.m., 48 views

php: multiple issues

CVE-2016-1903 information disclosure An out-of-bounds vulnerability has been discovered in ext/gd/libgd/gd_interpolation.c in the gdImageRotateInterpolated function. The background color of an image is passed in as an integer that represents an index to the color palette. As there is a lack of...

CVSS 7.5, AI score 3.4, EPSS 0.07806
Exploits: 2, References: 4

ArchLinux
added 2016/01/09 12:0 a.m., 48 views

wireshark-qt: denial of service

CVE-2015-8742 denial of service The dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.1 does not validate the column size, which allows remote attackers to cause a denial of service (memory consumption or application crash) via a...

CVSS 4.3, AI score 3.7, EPSS 0.07142
Exploits: 14, References: 25

ArchLinux
added 2015/10/30 12:0 a.m., 48 views

phpmyadmin: content spoofing

This vulnerability allows an attacker to perform a content spoofing attack using the phpMyAdmin's redirection mechanism to external sites. This vulnerability is not considered to be critical since the spoofed content is escaped and no HTML injection is possible...

CVSS 5, AI score 1.3, EPSS 0.02624
Exploits: 0, References: 2

ArchLinux
added 2015/08/14 12:0 a.m., 48 views

subversion: authentication bypass

CVE-2015-3184: Subversion's mod_authz_svn does not properly restrict anonymous access in some mixed anonymous/authenticated environments when using Apache httpd 2.4. The result is that anonymous access may be possible to files for which only authenticated access should be possible. - CVE-2015-3187:...

CVSS 5, AI score 3, EPSS 0.10607
Exploits: 0, References: 4

ArchLinux
added 2015/05/15 12:0 a.m., 48 views

wireshark-gtk: denial of service

CVE-2015-3808 denial of service There is an infinite loop condition in dissect_lbmr_pser in epan/dissectors/packet-lbmr.c. It's possible for an attacker to set the variable 'optionlen' to 0, causing the loop to never terminate. This issue is leading to excessive CPU resources consumption by...

CVSS 7.8, AI score 1.5, EPSS 0.0363
Exploits: 0, References: 9

ArchLinux
added 2015/04/24 12:0 a.m., 48 views

curl: multiple issues

CVE-2015-3143 re-using authenticated connection when unauthenticated: libcurl keeps a pool of its last few connections around after use to facilitate easy, convenient and completely transparent connection re-use for applications. When doing HTTP requests NTLM authenticated, the entire...

CVSS 9, AI score 0.3, EPSS 0.3763
Exploits: 1, References: 8

ArchLinux
added 2015/04/17 12:0 a.m., 48 views

jre8-openjdk: multiple issues

CVE-2005-1080 CVE-2015-0480 directory traversal A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. - CVE-2015-0460...

CVSS 10, AI score 3.2, EPSS 0.07224
Exploits: 1, References: 8

ArchLinux
added 2015/04/17 12:0 a.m., 48 views

jdk8-openjdk: multiple issues

CVE-2005-1080 CVE-2015-0480 directory traversal A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. - CVE-2015-0460...

CVSS 10, AI score 3.2, EPSS 0.07224
Exploits: 1, References: 8

ArchLinux
added 2015/03/20 12:0 a.m., 48 views

drupal: multiple issues

CVE-2015-2559 access bypass Password reset URLs can be forged under certain circumstances, allowing an attacker to gain access to another user's account without knowing the account's password. In Drupal 7, this vulnerability is mitigated by the fact that it can only be exploited on sites where...

CVSS 3.5, AI score 3.8, EPSS 0.01647
Exploits: 0, References: 3

Total number of security vulnerabilities: 1854